]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/network/networkd-dhcp-prefix-delegation.c
network: dhcp6pd: also drop prefix assigned to upstream interface
[thirdparty/systemd.git] / src / network / networkd-dhcp-prefix-delegation.c
CommitLineData
d5ebcf65
YW
1/* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3#include "sd-dhcp6-client.h"
4
5#include "hashmap.h"
6#include "in-addr-prefix-util.h"
7#include "networkd-address-generation.h"
8#include "networkd-address.h"
9#include "networkd-dhcp-prefix-delegation.h"
10#include "networkd-dhcp6.h"
11#include "networkd-link.h"
12#include "networkd-manager.h"
13#include "networkd-queue.h"
14#include "networkd-radv.h"
15#include "networkd-route.h"
16#include "parse-util.h"
17#include "string-util.h"
18#include "strv.h"
19
20bool link_dhcp6_pd_is_enabled(Link *link) {
21 assert(link);
22
23 if (!link->network)
24 return false;
25
26 return link->network->dhcp6_pd;
27}
28
29bool dhcp6_pd_is_uplink(Link *link, Link *target, bool accept_auto) {
30 assert(link);
31 assert(target);
32
33 if (!link_dhcp6_pd_is_enabled(link))
34 return false;
35
36 if (link->network->dhcp6_pd_uplink_name)
37 return streq_ptr(target->ifname, link->network->dhcp6_pd_uplink_name) ||
38 strv_contains(target->alternative_names, link->network->dhcp6_pd_uplink_name);
39
40 if (link->network->dhcp6_pd_uplink_index > 0)
41 return target->ifindex == link->network->dhcp6_pd_uplink_index;
42
43 if (link->network->dhcp6_pd_uplink_index == UPLINK_INDEX_SELF)
44 return link == target;
45
46 assert(link->network->dhcp6_pd_uplink_index == UPLINK_INDEX_AUTO);
47 return accept_auto;
48}
49
50bool dhcp6_lease_has_pd_prefix(sd_dhcp6_lease *lease) {
51 uint32_t lifetime_preferred_sec, lifetime_valid_sec;
52 struct in6_addr pd_prefix;
53 uint8_t pd_prefix_len;
54
55 if (!lease)
56 return false;
57
58 sd_dhcp6_lease_reset_pd_prefix_iter(lease);
59
60 return sd_dhcp6_lease_get_pd(lease, &pd_prefix, &pd_prefix_len, &lifetime_preferred_sec, &lifetime_valid_sec) >= 0;
61}
62
63static void link_remove_dhcp6_pd_prefix(Link *link, const struct in6_addr *prefix) {
64 void *key;
65
66 assert(link);
67 assert(link->manager);
68 assert(prefix);
69
70 if (hashmap_get(link->manager->links_by_dhcp6_pd_prefix, prefix) != link)
71 return;
72
73 hashmap_remove2(link->manager->links_by_dhcp6_pd_prefix, prefix, &key);
74 free(key);
75}
76
77static int link_add_dhcp6_pd_prefix(Link *link, const struct in6_addr *prefix) {
78 _cleanup_free_ struct in6_addr *copy = NULL;
79 int r;
80
81 assert(link);
82 assert(prefix);
83
84 copy = newdup(struct in6_addr, prefix, 1);
85 if (!copy)
86 return -ENOMEM;
87
88 r = hashmap_ensure_put(&link->manager->links_by_dhcp6_pd_prefix, &in6_addr_hash_ops_free, copy, link);
89 if (r < 0)
90 return r;
91 if (r > 0)
92 TAKE_PTR(copy);
93
94 return 0;
95}
96
97static int link_get_by_dhcp6_pd_prefix(Manager *manager, const struct in6_addr *prefix, Link **ret) {
98 Link *link;
99
100 assert(manager);
101 assert(prefix);
102
103 link = hashmap_get(manager->links_by_dhcp6_pd_prefix, prefix);
104 if (!link)
105 return -ENODEV;
106
107 if (ret)
108 *ret = link;
109 return 0;
110}
111
112static int dhcp6_pd_get_assigned_prefix(Link *link, const struct in6_addr *pd_prefix, uint8_t pd_prefix_len, struct in6_addr *ret) {
113 assert(link);
114 assert(pd_prefix);
115
116 if (!link_dhcp6_pd_is_enabled(link))
117 return -ENOENT;
118
119 if (link->network->dhcp6_pd_assign) {
120 Address *address;
121
122 SET_FOREACH(address, link->addresses) {
123 if (address->source != NETWORK_CONFIG_SOURCE_DHCP6PD)
124 continue;
125 assert(address->family == AF_INET6);
126
127 if (in6_addr_prefix_covers(pd_prefix, pd_prefix_len, &address->in_addr.in6) <= 0)
128 continue;
129
130 if (ret) {
131 struct in6_addr prefix = address->in_addr.in6;
132
133 in6_addr_mask(&prefix, 64);
134 *ret = prefix;
135 }
136 return 0;
137 }
138 } else {
139 Route *route;
140
141 SET_FOREACH(route, link->routes) {
142 if (route->source != NETWORK_CONFIG_SOURCE_DHCP6PD)
143 continue;
144 assert(route->family == AF_INET6);
145
146 if (in6_addr_prefix_covers(pd_prefix, pd_prefix_len, &route->dst.in6) > 0) {
147 if (ret)
148 *ret = route->dst.in6;
149 return 0;
150 }
151 }
152 }
153
154 return -ENOENT;
155}
156
157int dhcp6_pd_remove(Link *link, bool only_marked) {
158 int k, r = 0;
159
160 assert(link);
161 assert(link->manager);
162
163 if (!link_dhcp6_pd_is_enabled(link))
164 return 0;
165
166 if (!only_marked)
167 link->dhcp6_pd_configured = false;
168
169 if (!link->network->dhcp6_pd_assign) {
170 Route *route;
171
172 SET_FOREACH(route, link->routes) {
173 if (route->source != NETWORK_CONFIG_SOURCE_DHCP6PD)
174 continue;
175 if (only_marked && !route_is_marked(route))
176 continue;
177
178 if (link->radv)
179 (void) sd_radv_remove_prefix(link->radv, &route->dst.in6, 64);
180
181 link_remove_dhcp6_pd_prefix(link, &route->dst.in6);
182
183 k = route_remove(route);
184 if (k < 0)
185 r = k;
186
187 route_cancel_request(route);
188 }
189 } else {
190 Address *address;
191
192 SET_FOREACH(address, link->addresses) {
193 struct in6_addr prefix;
194
195 if (address->source != NETWORK_CONFIG_SOURCE_DHCP6PD)
196 continue;
197 if (only_marked && !address_is_marked(address))
198 continue;
199
200 prefix = address->in_addr.in6;
201 in6_addr_mask(&prefix, 64);
202
203 if (link->radv)
204 (void) sd_radv_remove_prefix(link->radv, &prefix, 64);
205
206 link_remove_dhcp6_pd_prefix(link, &prefix);
207
208 k = address_remove(address);
209 if (k < 0)
210 r = k;
211
212 address_cancel_request(address);
213 }
214 }
215
216 return r;
217}
218
219static int dhcp6_pd_check_ready(Link *link);
220
221static int dhcp6_pd_address_ready_callback(Address *address) {
222 Address *a;
223
224 assert(address);
225 assert(address->link);
226
227 SET_FOREACH(a, address->link->addresses)
228 if (a->source == NETWORK_CONFIG_SOURCE_DHCP6PD)
229 a->callback = NULL;
230
231 return dhcp6_pd_check_ready(address->link);
232}
233
234static int dhcp6_pd_check_ready(Link *link) {
235 int r;
236
237 assert(link);
238 assert(link->network);
239
240 if (link->dhcp6_pd_messages > 0) {
241 log_link_debug(link, "%s(): DHCPv6PD addresses and routes are not set.", __func__);
242 return 0;
243 }
244
245 if (link->network->dhcp6_pd_assign) {
246 bool has_ready = false;
247 Address *address;
248
249 SET_FOREACH(address, link->addresses) {
250 if (address->source != NETWORK_CONFIG_SOURCE_DHCP6PD)
251 continue;
252 if (address_is_ready(address)) {
253 has_ready = true;
254 break;
255 }
256 }
257
258 if (!has_ready) {
259 SET_FOREACH(address, link->addresses)
260 if (address->source == NETWORK_CONFIG_SOURCE_DHCP6PD)
261 address->callback = dhcp6_pd_address_ready_callback;
262
263 log_link_debug(link, "%s(): no DHCPv6PD address is ready.", __func__);
264 return 0;
265 }
266 }
267
268 link->dhcp6_pd_configured = true;
269
270 log_link_debug(link, "DHCPv6 PD addresses and routes set.");
271
272 r = dhcp6_pd_remove(link, /* only_marked = */ true);
273 if (r < 0)
274 return r;
275
276 link_check_ready(link);
277 return 1;
278}
279
280static int dhcp6_pd_route_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
281 int r;
282
283 assert(link);
284 assert(link->dhcp6_pd_messages > 0);
285
286 link->dhcp6_pd_messages--;
287
288 r = route_configure_handler_internal(rtnl, m, link, "Failed to add DHCPv6 Prefix Delegation route");
289 if (r <= 0)
290 return r;
291
292 r = dhcp6_pd_check_ready(link);
293 if (r < 0)
294 link_enter_failed(link);
295
296 return 1;
297}
298
299static int dhcp6_pd_request_route(Link *link, const struct in6_addr *prefix, usec_t lifetime_usec) {
300 _cleanup_(route_freep) Route *route = NULL;
301 Route *existing;
302 int r;
303
304 assert(link);
305 assert(link->network);
306 assert(prefix);
307
308 if (link->network->dhcp6_pd_assign)
309 return 0;
310
311 r = route_new(&route);
312 if (r < 0)
313 return r;
314
315 route->source = NETWORK_CONFIG_SOURCE_DHCP6PD;
316 route->family = AF_INET6;
317 route->dst.in6 = *prefix;
318 route->dst_prefixlen = 64;
319 route->protocol = RTPROT_DHCP;
320 route->priority = link->network->dhcp6_pd_route_metric;
321 route->lifetime_usec = lifetime_usec;
322
323 if (route_get(NULL, link, route, &existing) < 0)
324 link->dhcp6_pd_configured = false;
325 else
326 route_unmark(existing);
327
328 r = link_request_route(link, TAKE_PTR(route), true, &link->dhcp6_pd_messages,
329 dhcp6_pd_route_handler, NULL);
330 if (r < 0)
331 return log_link_error_errno(link, r, "Failed to request DHCPv6 prefix route: %m");
332
333 return 0;
334}
335
336static int dhcp6_pd_address_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
337 int r;
338
339 assert(link);
340 assert(link->dhcp6_pd_messages > 0);
341
342 link->dhcp6_pd_messages--;
343
344 r = address_configure_handler_internal(rtnl, m, link, "Could not set DHCPv6 delegated prefix address");
345 if (r <= 0)
346 return r;
347
348 r = dhcp6_pd_check_ready(link);
349 if (r < 0)
350 link_enter_failed(link);
351
352 return 1;
353}
354
355static void log_dhcp6_pd_address(Link *link, const Address *address) {
356 _cleanup_free_ char *buffer = NULL;
357 int log_level;
358
359 assert(address);
360 assert(address->family == AF_INET6);
361
362 log_level = address_get(link, address, NULL) >= 0 ? LOG_DEBUG : LOG_INFO;
363
364 if (log_level < log_get_max_level())
365 return;
366
367 (void) in6_addr_prefix_to_string(&address->in_addr.in6, address->prefixlen, &buffer);
368
369 log_link_full(link, log_level, "DHCPv6-PD address %s (valid %s, preferred %s)",
370 strna(buffer),
371 FORMAT_LIFETIME(address->lifetime_valid_usec),
372 FORMAT_LIFETIME(address->lifetime_preferred_usec));
373}
374
375static int dhcp6_pd_request_address(
376 Link *link,
377 const struct in6_addr *prefix,
378 usec_t lifetime_preferred_usec,
379 usec_t lifetime_valid_usec) {
380
381 _cleanup_set_free_ Set *addresses = NULL;
382 struct in6_addr *a;
383 int r;
384
385 assert(link);
386 assert(link->network);
387 assert(prefix);
388
389 if (!link->network->dhcp6_pd_assign)
390 return 0;
391
392 r = dhcp6_pd_generate_addresses(link, prefix, &addresses);
393 if (r < 0)
394 return log_link_warning_errno(link, r, "Failed to generate addresses for acquired DHCPv6 delegated prefix: %m");
395
396 SET_FOREACH(a, addresses) {
397 _cleanup_(address_freep) Address *address = NULL;
398 Address *existing;
399
400 r = address_new(&address);
401 if (r < 0)
402 return log_link_error_errno(link, r, "Failed to allocate address for DHCPv6 delegated prefix: %m");
403
404 address->source = NETWORK_CONFIG_SOURCE_DHCP6PD;
405 address->family = AF_INET6;
406 address->in_addr.in6 = *a;
407 address->prefixlen = 64;
408 address->lifetime_preferred_usec = lifetime_preferred_usec;
409 address->lifetime_valid_usec = lifetime_valid_usec;
410 SET_FLAG(address->flags, IFA_F_MANAGETEMPADDR, link->network->dhcp6_pd_manage_temporary_address);
411 address->route_metric = link->network->dhcp6_pd_route_metric;
412
413 log_dhcp6_pd_address(link, address);
414
415 if (address_get(link, address, &existing) < 0)
416 link->dhcp6_pd_configured = false;
417 else
418 address_unmark(existing);
419
420 r = link_request_address(link, TAKE_PTR(address), true, &link->dhcp6_pd_messages,
421 dhcp6_pd_address_handler, NULL);
422 if (r < 0)
423 return log_link_error_errno(link, r, "Failed to request DHCPv6 delegated prefix address: %m");
424 }
425
426 return 0;
427}
428
429static bool link_has_preferred_subnet_id(Link *link) {
430 if (!link->network)
431 return false;
432
433 return link->network->dhcp6_pd_subnet_id >= 0;
434}
435
436static int dhcp6_pd_calculate_prefix(
437 const struct in6_addr *pd_prefix,
438 uint8_t pd_prefix_len,
439 uint64_t subnet_id,
440 struct in6_addr *ret) {
441
442 struct in6_addr prefix;
443
444 assert(pd_prefix);
445 assert(pd_prefix_len <= 64);
446 assert(ret);
447
448 if (subnet_id >= UINT64_C(1) << (64 - pd_prefix_len))
449 return -ERANGE;
450
451 prefix = *pd_prefix;
452
453 if (pd_prefix_len < 32)
454 prefix.s6_addr32[0] |= htobe32(subnet_id >> 32);
455
456 prefix.s6_addr32[1] |= htobe32(subnet_id & 0xffffffff);
457
458 *ret = prefix;
459 return 0;
460}
461
462static int dhcp6_pd_get_preferred_prefix(
463 Link *link,
464 const struct in6_addr *pd_prefix,
465 uint8_t pd_prefix_len,
466 struct in6_addr *ret) {
467
468 struct in6_addr prefix;
469 Link *assigned_link;
470 int r;
471
472 assert(link);
473 assert(link->manager);
474 assert(pd_prefix);
475
476 if (link_has_preferred_subnet_id(link)) {
477 /* If the link has a preference for a particular subnet id try to allocate that */
478
479 r = dhcp6_pd_calculate_prefix(pd_prefix, pd_prefix_len, link->network->dhcp6_pd_subnet_id, &prefix);
480 if (r < 0)
481 return log_link_warning_errno(link, r,
482 "subnet id %" PRIu64 " is out of range. Only have %" PRIu64 " subnets.",
483 link->network->dhcp6_pd_subnet_id, UINT64_C(1) << (64 - pd_prefix_len));
484
485 if (link_get_by_dhcp6_pd_prefix(link->manager, &prefix, &assigned_link) >= 0 &&
486 assigned_link != link) {
487 _cleanup_free_ char *assigned_buf = NULL;
488
489 (void) in6_addr_to_string(&prefix, &assigned_buf);
490 return log_link_warning_errno(link, SYNTHETIC_ERRNO(EAGAIN),
491 "The requested prefix %s is already assigned to another link.",
492 strna(assigned_buf));
493 }
494
495 *ret = prefix;
496 return 0;
497 }
498
499 for (uint64_t n = 0; ; n++) {
500 /* If we do not have an allocation preference just iterate
501 * through the address space and return the first free prefix. */
502
503 r = dhcp6_pd_calculate_prefix(pd_prefix, pd_prefix_len, n, &prefix);
504 if (r < 0)
505 return log_link_warning_errno(link, r,
506 "Couldn't find a suitable prefix. Ran out of address space.");
507
508 /* Do not use explicitly requested subnet IDs. Note that the corresponding link may not
509 * appear yet. So, we need to check the ID is not used in any .network files. */
510 if (set_contains(link->manager->dhcp6_pd_subnet_ids, &n))
511 continue;
512
513 /* Check that the prefix is not assigned to another link. */
514 if (link_get_by_dhcp6_pd_prefix(link->manager, &prefix, &assigned_link) < 0 ||
515 assigned_link == link) {
516 *ret = prefix;
517 return 0;
518 }
519 }
520}
521
522static int dhcp6_pd_assign_prefix(
523 Link *link,
524 const struct in6_addr *pd_prefix,
525 uint8_t pd_prefix_len,
526 usec_t lifetime_preferred_usec,
527 usec_t lifetime_valid_usec) {
528
529 _cleanup_free_ char *buf = NULL;
530 struct in6_addr prefix;
531 int r;
532
533 assert(link);
534 assert(link->network);
535 assert(pd_prefix);
536
537 if (dhcp6_pd_get_assigned_prefix(link, pd_prefix, pd_prefix_len, &prefix) < 0 &&
538 dhcp6_pd_get_preferred_prefix(link, pd_prefix, pd_prefix_len, &prefix) < 0)
539 return 0;
540
541 (void) in6_addr_prefix_to_string(&prefix, 64, &buf);
542
543 if (link->network->dhcp6_pd_announce) {
544 r = radv_add_prefix(link, &prefix, 64, lifetime_preferred_usec, lifetime_valid_usec);
545 if (r < 0)
546 return log_link_warning_errno(link, r,
547 "Failed to assign/update prefix %s to IPv6 Router Advertisement: %m",
548 strna(buf));
549 }
550
551 r = dhcp6_pd_request_route(link, &prefix, lifetime_valid_usec);
552 if (r < 0)
553 return log_link_warning_errno(link, r,
554 "Failed to assign/update route for prefix %s: %m",
555 strna(buf));
556
557 r = dhcp6_pd_request_address(link, &prefix, lifetime_preferred_usec, lifetime_valid_usec);
558 if (r < 0)
559 return log_link_warning_errno(link, r,
560 "Failed to assign/update address for prefix %s: %m",
561 strna(buf));
562
563 r = link_add_dhcp6_pd_prefix(link, &prefix);
564 if (r < 0)
565 return log_link_warning_errno(link, r,
566 "Failed to save assigned prefix %s: %m",
567 strna(buf));
568
569 log_link_debug(link, "Assigned prefix %s", strna(buf));
570 return 1;
571}
572
573static int dhcp6_pd_distribute_prefix(
574 Link *dhcp6_link,
575 const struct in6_addr *pd_prefix,
576 uint8_t pd_prefix_len,
577 usec_t lifetime_preferred_usec,
578 usec_t lifetime_valid_usec) {
579
580 Link *link;
581 int r;
582
583 assert(dhcp6_link);
584 assert(dhcp6_link->manager);
585 assert(pd_prefix);
586 assert(pd_prefix_len <= 64);
587
588 HASHMAP_FOREACH(link, dhcp6_link->manager->links_by_index) {
589 if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
590 continue;
591
592 if (!dhcp6_pd_is_uplink(link, dhcp6_link, /* accept_auto = */ true))
593 continue;
594
595 if (link->network->dhcp6_pd_announce && !link->radv)
596 continue;
597
598 if (link == dhcp6_link && !link->network->dhcp6_pd_assign)
599 continue;
600
601 r = dhcp6_pd_assign_prefix(link, pd_prefix, pd_prefix_len, lifetime_preferred_usec, lifetime_valid_usec);
602 if (r < 0) {
603 if (link == dhcp6_link)
604 return r;
605
606 link_enter_failed(link);
607 continue;
608 }
609 }
610
611 return 0;
612}
613
614static int dhcp6_pd_prepare(Link *link) {
615 if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
616 return 0;
617
618 if (!link_dhcp6_pd_is_enabled(link))
619 return 0;
620
621 if (link->network->dhcp6_pd_announce && !link->radv)
622 return 0;
623
624 link_mark_addresses(link, NETWORK_CONFIG_SOURCE_DHCP6PD, NULL);
625 link_mark_routes(link, NETWORK_CONFIG_SOURCE_DHCP6PD, NULL);
626
627 return 0;
628}
629
630static int dhcp6_pd_finalize(Link *link) {
631 int r;
632
633 if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
634 return 0;
635
636 if (!link_dhcp6_pd_is_enabled(link))
637 return 0;
638
639 if (link->network->dhcp6_pd_announce && !link->radv)
640 return 0;
641
642 if (link->dhcp6_pd_messages == 0) {
643 link->dhcp6_pd_configured = false;
644
645 r = dhcp6_pd_remove(link, /* only_marked = */ true);
646 if (r < 0)
647 return r;
648 }
649
650 if (!link->dhcp6_pd_configured)
651 link_set_state(link, LINK_STATE_CONFIGURING);
652
653 link_check_ready(link);
654 return 0;
655}
656
657void dhcp6_pd_prefix_lost(Link *dhcp6_link) {
658 Link *link;
659 int r;
660
661 assert(dhcp6_link);
662 assert(dhcp6_link->manager);
663
664 HASHMAP_FOREACH(link, dhcp6_link->manager->links_by_index) {
1d44187c 665 if (!dhcp6_pd_is_uplink(link, dhcp6_link, /* accept_auto = */ true))
d5ebcf65
YW
666 continue;
667
668 r = dhcp6_pd_remove(link, /* only_marked = */ false);
669 if (r < 0)
670 link_enter_failed(link);
671 }
672
673 set_clear(dhcp6_link->dhcp6_pd_prefixes);
674}
675
676static int dhcp6_route_handler(sd_netlink *rtnl, sd_netlink_message *m, Link *link) {
677 int r;
678
679 assert(link);
680 assert(link->dhcp6_messages > 0);
681
682 link->dhcp6_messages--;
683
684 r = route_configure_handler_internal(rtnl, m, link, "Failed to set unreachable route for DHCPv6 delegated subnet");
685 if (r <= 0)
686 return r;
687
688 r = dhcp6_check_ready(link);
689 if (r < 0)
690 link_enter_failed(link);
691
692 return 1;
693}
694
695static int dhcp6_request_unreachable_route(Link *link, const struct in6_addr *addr, uint8_t prefixlen, usec_t lifetime_usec) {
696 _cleanup_(route_freep) Route *route = NULL;
697 _cleanup_free_ char *buf = NULL;
698 Route *existing;
699 int r;
700
701 assert(link);
702 assert(addr);
703
704 (void) in6_addr_prefix_to_string(addr, prefixlen, &buf);
705
706 if (prefixlen == 64) {
707 log_link_debug(link, "Not adding a blocking route for DHCPv6 delegated subnet %s since distributed prefix is 64",
708 strna(buf));
709 return 0;
710 }
711
712 r = route_new(&route);
713 if (r < 0)
714 return log_oom();
715
716 route->source = NETWORK_CONFIG_SOURCE_DHCP6;
717 route->family = AF_INET6;
718 route->dst.in6 = *addr;
719 route->dst_prefixlen = prefixlen;
720 route->table = link_get_dhcp6_route_table(link);
721 route->type = RTN_UNREACHABLE;
722 route->protocol = RTPROT_DHCP;
723 route->priority = DHCP_ROUTE_METRIC;
724 route->lifetime_usec = lifetime_usec;
725
726 if (route_get(link->manager, NULL, route, &existing) < 0)
727 link->dhcp6_configured = false;
728 else
729 route_unmark(existing);
730
731 r = link_request_route(link, TAKE_PTR(route), true, &link->dhcp6_messages,
732 dhcp6_route_handler, NULL);
733 if (r < 0)
734 return log_link_error_errno(link, r, "Failed to request unreachable route for DHCPv6 delegated subnet %s: %m",
735 strna(buf));
736
737 return 0;
738}
739
740static int dhcp6_pd_prefix_add(Link *link, const struct in6_addr *prefix, uint8_t prefixlen) {
741 _cleanup_free_ char *buf = NULL;
742 struct in_addr_prefix *p;
743 int r;
744
745 assert(link);
746 assert(prefix);
747
748 p = new(struct in_addr_prefix, 1);
749 if (!p)
750 return log_oom();
751
752 *p = (struct in_addr_prefix) {
753 .family = AF_INET6,
754 .prefixlen = prefixlen,
755 .address.in6 = *prefix,
756 };
757
758 (void) in6_addr_prefix_to_string(prefix, prefixlen, &buf);
759
760 log_link_full(link,
761 set_contains(link->dhcp6_pd_prefixes, p) ? LOG_DEBUG :
762 prefixlen > 64 || prefixlen < 48 ? LOG_WARNING : LOG_INFO,
763 "DHCPv6: received PD Prefix %s%s",
764 strna(buf),
765 prefixlen > 64 ? " with prefix length > 64, ignoring." :
766 prefixlen < 48 ? " with prefix length < 48, looks unusual.": "");
767
768 /* Store PD prefix even if prefixlen > 64, not to make logged at warning level so frequently. */
769 r = set_ensure_consume(&link->dhcp6_pd_prefixes, &in_addr_prefix_hash_ops_free, p);
770 if (r < 0)
771 return log_link_error_errno(link, r, "Failed to store DHCPv6 PD prefix %s: %m", strna(buf));
772
773 return prefixlen <= 64;
774}
775
776int dhcp6_pd_prefix_acquired(Link *dhcp6_link) {
777 usec_t timestamp_usec;
778 Link *link;
779 int r;
780
781 assert(dhcp6_link);
782 assert(dhcp6_link->dhcp6_lease);
783
784 r = sd_dhcp6_lease_get_timestamp(dhcp6_link->dhcp6_lease, clock_boottime_or_monotonic(), &timestamp_usec);
785 if (r < 0)
786 return log_link_warning_errno(dhcp6_link, r, "Failed to get timestamp of DHCPv6 lease: %m");
787
788 HASHMAP_FOREACH(link, dhcp6_link->manager->links_by_index) {
789 r = dhcp6_pd_prepare(link);
790 if (r < 0) {
791 /* When failed on the upstream interface (i.e., the case link == dhcp6_link),
792 * immediately abort the assignment of the prefixes. As, the all assigned
793 * prefixes will be dropped soon in link_enter_failed(), and it is meaningless
794 * to continue the assignment. */
795 if (link == dhcp6_link)
796 return r;
797
798 link_enter_failed(link);
799 }
800 }
801
802 for (sd_dhcp6_lease_reset_pd_prefix_iter(dhcp6_link->dhcp6_lease);;) {
803 uint32_t lifetime_preferred_sec, lifetime_valid_sec;
804 usec_t lifetime_preferred_usec, lifetime_valid_usec;
805 struct in6_addr pd_prefix;
806 uint8_t pd_prefix_len;
807
808 r = sd_dhcp6_lease_get_pd(dhcp6_link->dhcp6_lease, &pd_prefix, &pd_prefix_len,
809 &lifetime_preferred_sec, &lifetime_valid_sec);
810 if (r < 0)
811 break;
812
813 lifetime_preferred_usec = usec_add(lifetime_preferred_sec * USEC_PER_SEC, timestamp_usec);
814 lifetime_valid_usec = usec_add(lifetime_valid_sec * USEC_PER_SEC, timestamp_usec);
815
816 r = dhcp6_pd_prefix_add(dhcp6_link, &pd_prefix, pd_prefix_len);
817 if (r < 0)
818 return r;
819 if (r == 0)
820 continue;
821
822 r = dhcp6_request_unreachable_route(dhcp6_link, &pd_prefix, pd_prefix_len, lifetime_valid_usec);
823 if (r < 0)
824 return r;
825
826 /* We are doing prefix allocation in two steps:
827 * 1. all those links that have a preferred subnet id will be assigned their subnet
828 * 2. all those links that remain will receive prefixes in sequential order. Prefixes
829 * that were previously already allocated to another link will be skipped.
830 * The assignment has to be split in two phases since subnet id
831 * preferences should be honored. Meaning that any subnet id should be
832 * handed out to the requesting link and not to some link that didn't
833 * specify any preference. */
834
835 assert(pd_prefix_len <= 64);
836
837 /* Mask prefix for safety. */
838 r = in6_addr_mask(&pd_prefix, pd_prefix_len);
839 if (r < 0)
840 return log_link_error_errno(dhcp6_link, r, "Failed to mask DHCPv6 PD prefix: %m");
841
842 if (DEBUG_LOGGING) {
843 uint64_t n_prefixes = UINT64_C(1) << (64 - pd_prefix_len);
844 _cleanup_free_ char *buf = NULL;
845
846 (void) in6_addr_prefix_to_string(&pd_prefix, pd_prefix_len, &buf);
847 log_link_debug(dhcp6_link, "Assigning up to %" PRIu64 " prefixes from %s",
848 n_prefixes, strna(buf));
849 }
850
851 r = dhcp6_pd_distribute_prefix(dhcp6_link,
852 &pd_prefix,
853 pd_prefix_len,
854 lifetime_preferred_usec,
855 lifetime_valid_usec);
856 if (r < 0)
857 return r;
858 }
859
860 HASHMAP_FOREACH(link, dhcp6_link->manager->links_by_index) {
861 r = dhcp6_pd_finalize(link);
862 if (r < 0) {
863 if (link == dhcp6_link)
864 return r;
865
866 link_enter_failed(link);
867 }
868 }
869
870 return 0;
871}
872
873static int dhcp6_pd_assign_prefixes(Link *link, Link *uplink) {
874 usec_t timestamp_usec;
875 int r;
876
877 assert(link);
878 assert(uplink);
879 assert(uplink->dhcp6_lease);
880
881 /* This is similar to dhcp6_pd_prefix_acquired(), but called when a downstream interface
882 * appears later or reconfiguring the interface. */
883
884 r = sd_dhcp6_lease_get_timestamp(uplink->dhcp6_lease, clock_boottime_or_monotonic(), &timestamp_usec);
885 if (r < 0)
886 return r;
887
888 r = dhcp6_pd_prepare(link);
889 if (r < 0)
890 return r;
891
892 for (sd_dhcp6_lease_reset_pd_prefix_iter(uplink->dhcp6_lease);;) {
893 uint32_t lifetime_preferred_sec, lifetime_valid_sec;
894 usec_t lifetime_preferred_usec, lifetime_valid_usec;
895 struct in6_addr pd_prefix;
896 uint8_t pd_prefix_len;
897
898 r = sd_dhcp6_lease_get_pd(uplink->dhcp6_lease, &pd_prefix, &pd_prefix_len,
899 &lifetime_preferred_sec, &lifetime_valid_sec);
900 if (r < 0)
901 break;
902
903 lifetime_preferred_usec = usec_add(lifetime_preferred_sec * USEC_PER_SEC, timestamp_usec);
904 lifetime_valid_usec = usec_add(lifetime_valid_sec * USEC_PER_SEC, timestamp_usec);
905
906 if (pd_prefix_len > 64)
907 continue;
908
909 /* Mask prefix for safety. */
910 r = in6_addr_mask(&pd_prefix, pd_prefix_len);
911 if (r < 0)
912 return r;
913
914 r = dhcp6_pd_assign_prefix(link, &pd_prefix, pd_prefix_len, lifetime_preferred_usec, lifetime_valid_usec);
915 if (r < 0)
916 return r;
917 }
918
919 r = dhcp6_pd_finalize(link);
920 if (r < 0)
921 return r;
922
923 return 0;
924}
925
926static bool dhcp6_pd_uplink_is_ready(Link *link) {
927 assert(link);
928
929 if (!link->network)
930 return false;
931
932 if (!link->network->dhcp6_use_pd_prefix)
933 return false;
934
935 if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
936 return false;
937
938 if (!link->dhcp6_client)
939 return false;
940
941 if (sd_dhcp6_client_is_running(link->dhcp6_client) <= 0)
942 return false;
943
944 if (!link->dhcp6_lease)
945 return false;
946
947 return dhcp6_lease_has_pd_prefix(link->dhcp6_lease);
948}
949
950int dhcp6_pd_find_uplink(Link *link, Link **ret) {
951 Link *uplink = NULL;
952 int r = 0;
953
954 assert(link);
955 assert(link->manager);
956 assert(link_dhcp6_pd_is_enabled(link));
957 assert(ret);
958
959 if (link->network->dhcp6_pd_uplink_name)
960 r = link_get_by_name(link->manager, link->network->dhcp6_pd_uplink_name, &uplink);
961 else if (link->network->dhcp6_pd_uplink_index > 0)
962 r = link_get_by_index(link->manager, link->network->dhcp6_pd_uplink_index, &uplink);
963 else if (link->network->dhcp6_pd_uplink_index == UPLINK_INDEX_SELF)
964 uplink = link;
965 if (r < 0)
966 return r;
967
968 if (uplink) {
969 if (!dhcp6_pd_uplink_is_ready(uplink))
970 return -EBUSY;
971
972 *ret = uplink;
973 return 0;
974 }
975
976 HASHMAP_FOREACH(uplink, link->manager->links_by_index) {
977 if (!dhcp6_pd_uplink_is_ready(uplink))
978 continue;
979
980 /* Assume that there exists at most one link which acquired delegated prefixes. */
981 *ret = uplink;
982 return 0;
983 }
984
985 return -ENODEV;
986}
987
988int dhcp6_request_prefix_delegation(Link *link) {
989 Link *uplink;
990
991 assert(link);
992
993 if (!link_dhcp6_pd_is_enabled(link))
994 return 0;
995
996 if (dhcp6_pd_find_uplink(link, &uplink) < 0)
997 return 0;
998
999 log_link_debug(link, "Requesting subnets of delegated prefixes acquired by %s", uplink->ifname);
1000 return dhcp6_pd_assign_prefixes(link, uplink);
1001}
1002
1003int config_parse_dhcp6_pd_subnet_id(
1004 const char *unit,
1005 const char *filename,
1006 unsigned line,
1007 const char *section,
1008 unsigned section_line,
1009 const char *lvalue,
1010 int ltype,
1011 const char *rvalue,
1012 void *data,
1013 void *userdata) {
1014
1015 int64_t *p = data;
1016 uint64_t t;
1017 int r;
1018
1019 assert(filename);
1020 assert(lvalue);
1021 assert(rvalue);
1022 assert(data);
1023
1024 if (isempty(rvalue) || streq(rvalue, "auto")) {
1025 *p = -1;
1026 return 0;
1027 }
1028
1029 r = safe_atoux64(rvalue, &t);
1030 if (r < 0) {
1031 log_syntax(unit, LOG_WARNING, filename, line, r,
1032 "Failed to parse %s=, ignoring assignment: %s",
1033 lvalue, rvalue);
1034 return 0;
1035 }
1036 if (t > INT64_MAX) {
1037 log_syntax(unit, LOG_WARNING, filename, line, 0,
1038 "Invalid subnet id '%s', ignoring assignment.",
1039 rvalue);
1040 return 0;
1041 }
1042
1043 *p = (int64_t) t;
1044
1045 return 0;
1046}